Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add scenario 12 for chaining from a trusted key #96

Merged
merged 3 commits into from
Aug 23, 2021
Merged

Add scenario 12 for chaining from a trusted key #96

merged 3 commits into from
Aug 23, 2021

Conversation

mnm678
Copy link
Contributor

@mnm678 mnm678 commented Aug 19, 2021

This is just the first, less controversial scenario from #66.

cc @sudo-bmitch @SteveLasker

@mnm678 mnm678 mentioned this pull request Aug 19, 2021
Closed
sudo-bmitch
sudo-bmitch reviewed Aug 19, 2021
View reviewed changes
Copy link
Contributor

@sudo-bmitch sudo-bmitch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good, only one minor terminology suggestion.

scenarios.md Outdated
**Implications of this requirement**

1. Users must be able to use the chain of trust to obtain per-package trusted keys, verified by a trusted root.
1. Users must be able to access the chain of delegations.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe we can consolidate these first two, since "delegations" and "per-package" may be referring to things that don't necessarily apply to Nv2. Perhaps:

1. Users must be able to to access a chain of trust that links the signing key to a trusted root.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I changed it to something similar. I wanted to keep the idea that a cert chain should be scoped for a particular artifact (to avoid universally trusted keys), but I agree that the two implications are a bit redundant. Does the new text work?

SteveLasker
SteveLasker approved these changes Aug 20, 2021
View reviewed changes
Copy link
Contributor

@SteveLasker SteveLasker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@SteveLasker
Copy link
Contributor

Are others in agreement?
@NiazFK, @sudo-bmitch, @gokarnm, @shizhMSFT

sudo-bmitch
sudo-bmitch reviewed Aug 20, 2021
View reviewed changes
Copy link
Contributor

@sudo-bmitch sudo-bmitch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just a minor typo fix.

scenarios.md Outdated Show resolved Hide resolved
shizhMSFT
shizhMSFT reviewed Aug 23, 2021
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. +1 to @sudo-bmitch's comment.

@mnm678 @sudo-bmitch
Update scenarios.md
fdcd10b 
Co-authored-by: Brandon Mitchell <[email protected]>
Signed-off-by: Marina Moore <[email protected]>
@mnm678
Copy link
Contributor Author

mnm678 commented Aug 23, 2021

Thanks @sudo-bmitch and @shizhMSFT! I force pushed to fix the DCO

@SteveLasker SteveLasker merged commit 2a15760 into notaryproject:main Aug 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shizhMSFT shizhMSFT shizhMSFT left review comments

@SteveLasker SteveLasker SteveLasker approved these changes

@sudo-bmitch sudo-bmitch sudo-bmitch approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mnm678 @SteveLasker @sudo-bmitch @shizhMSFT